dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,767 Commits 11 Branches 78 Tags
Commit Graph

2767 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nanne Baars
d2a1546dff
Apply formatting 
This will make sure we have a consistent style across our project and the PRs are only concerned with actual changes and no longer about style.
 2023-01-04 08:07:23 +01:00
Nanne Baars
b03777d39b Support boolean when parsing the token. 
When the admin json element passes as a `boolean`:

```
{
 "admin": true
}
```

the parsing is now successful.
 2023-01-04 07:43:18 +01:00
Nanne Baars
32468ff90b
Add sql lesson (#1370) 2023-01-04 07:42:29 +01:00
dependabot[bot]
614235d913
Bump actions/cache from 3.2.1 to 3.2.2 (#1369) 
Bumps [actions/cache](https://github.com/actions/cache) from 3.2.1 to 3.2.2.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3.2.1...v3.2.2)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-12-31 16:28:31 +01:00
dependabot[bot]
9abf4ef2ea
Bump actions/cache from 3.0.11 to 3.2.1 (#1368) 
Bumps [actions/cache](https://github.com/actions/cache) from 3.0.11 to 3.2.1.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3.0.11...v3.2.1)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-12-27 18:00:54 +01:00
aswins2108@gmail.com
6a18ee80be Added info about login in the ReadMe file 2022-12-06 14:07:05 +01:00
Adam Szatyin
71ec36102f Fix typo 2022-12-01 21:34:19 +01:00
András Veres-Szentkirályi
8db9ff30be Fixed incorrect word 
while "wear" and "were" have similar pronunciation, one of them is better here than the other :)
 2022-11-29 18:55:44 +01:00
András Veres-Szentkirályi
b51be74cab typofix 2022-11-28 17:10:14 +01:00
dependabot[bot]
d4e3c9b91c Bump actions/cache from 3.0.10 to 3.0.11 
Bumps [actions/cache](https://github.com/actions/cache) from 3.0.10 to 3.0.11.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3.0.10...v3.0.11)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-10-23 10:06:24 +02:00
dependabot[bot]
87358d4238 Bump docker/setup-qemu-action from 2.0.0 to 2.1.0 
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](https://github.com/docker/setup-qemu-action/compare/v2.0.0...v2.1.0)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-10-23 10:06:13 +02:00
dependabot[bot]
3bc5309a1c Bump docker/build-push-action from 3.1.1 to 3.2.0 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 3.1.1 to 3.2.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v3.1.1...v3.2.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-10-23 10:05:56 +02:00
dependabot[bot]
8ec69d0a41 Bump docker/login-action from 2.0.0 to 2.1.0 
Bumps [docker/login-action](https://github.com/docker/login-action) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v2.0.0...v2.1.0)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-10-23 10:05:44 +02:00
dependabot[bot]
1f567749bd Bump actions/first-interaction from 1.1.0 to 1.1.1 
Bumps [actions/first-interaction](https://github.com/actions/first-interaction) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/actions/first-interaction/releases)
- [Commits](https://github.com/actions/first-interaction/compare/v1.1.0...v1.1.1)

---
updated-dependencies:
- dependency-name: actions/first-interaction
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-10-23 10:05:32 +02:00
dependabot[bot]
ea892dbcb2
Bump actions/cache from 3.0.8 to 3.0.10 (#1342) 
Bumps [actions/cache](https://github.com/actions/cache) from 3.0.8 to 3.0.10.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3.0.8...v3.0.10)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-10-05 11:24:44 +02:00
Jesper Hallborg
96c2595ad0 Update interface name to exploit 
The name is
org.owasp.webgoat.lessons.vulnerablecomponents.Contact
not
org.owasp.webgoat.vulnerablecomponents.Contact
 2022-09-21 22:32:16 +02:00
René Zubcevic
34f5b79249
isReadable works inside a container, isFile not (#1334) 2022-09-12 09:02:07 +02:00
Thanh Tran
f5e4d4717a FixTypo - Fix typo in various lesson documentations 2022-08-30 22:21:22 +02:00
dependabot[bot]
de3c2c8d85 Bump actions/cache from 3.0.6 to 3.0.8 
Bumps [actions/cache](https://github.com/actions/cache) from 3.0.6 to 3.0.8.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3.0.6...v3.0.8)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-27 16:44:51 +02:00
dependabot[bot]
975cbf5769
Bump docker/build-push-action from 3.1.0 to 3.1.1 (#1321) 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v3.1.0...v3.1.1)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-08-08 20:06:48 +02:00
dependabot[bot]
3308f89acc
Bump actions/cache from 3.0.5 to 3.0.6 (#1320) 
Bumps [actions/cache](https://github.com/actions/cache) from 3.0.5 to 3.0.6.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3.0.5...v3.0.6)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-08-06 21:59:58 +02:00
Àngel Ollé Blázquez
50f932b02e Renamed to webwolfintroduction 2022-07-31 22:39:21 +02:00
Àngel Ollé Blázquez
251167c6b0 Renamed to webgoatintroduction 2022-07-31 22:39:21 +02:00
Àngel Ollé Blázquez
256c1dd3aa Renamed to vulnerablecomponents 2022-07-31 22:39:21 +02:00
Àngel Ollé Blázquez
b93c935d6c Renamed to sqlinjection 2022-07-31 22:39:21 +02:00
Àngel Ollé Blázquez
827a9d3467 Renamed to securepasswords 2022-07-31 22:39:21 +02:00
Àngel Ollé Blázquez
91470b93ea Renamed to pathtraversal 2022-07-31 22:39:21 +02:00
Àngel Ollé Blázquez
37d684fdd3 Renamed to passwordreset 2022-07-31 22:39:21 +02:00
Àngel Ollé Blázquez
4f911c64a1 Renamed to missingac 2022-07-31 22:39:21 +02:00
Àngel Ollé Blázquez
e0a0a80ad9 Renamed to lessontemplate 2022-07-31 22:39:21 +02:00
Àngel Ollé Blázquez
26c289d7d4 Renamed to insecurelogin 2022-07-31 22:39:21 +02:00
Àngel Ollé Blázquez
1eff81718b Renamed to httpproxies 2022-07-31 22:39:21 +02:00
Àngel Ollé Blázquez
08ce1add01 Renamed to httpbasics 2022-07-31 22:39:21 +02:00
Àngel Ollé Blázquez
25948306bd Renamed to htmltampering 2022-07-31 22:39:21 +02:00
Àngel Ollé Blázquez
1c86f465dc Renamed to clientsidefiltering 2022-07-31 22:39:21 +02:00
Àngel Ollé Blázquez
3b330fb328 Renamed to chromedevtools 2022-07-31 22:39:21 +02:00
Àngel Ollé Blázquez
8a35316985 Rename to bypassrestrictions 2022-07-31 22:39:21 +02:00
Àngel Ollé Blázquez
c63345e4ee Rename authbypass 2022-07-31 22:39:21 +02:00
René Zubcevic
005b9f03a4
search the menu using input box (#1317) 
* working version

* change onchange to oninput with minimum of three chars

* working version with delay and fix for category click
 2022-07-31 20:45:09 +02:00
René Zubcevic
4d48bd3d4c
fix in style sheet that now shows normal dropdown behaviour (#1315) 2022-07-27 13:44:23 +02:00
René Zubcevic
71afc6b6f3
Workflow fix (#1311) 
* conditional step

* conditional step
 2022-07-25 09:55:24 +02:00
Àngel Ollé Blázquez
242fdf39a1 Fixes #1233 - Path traversal seems to contain wrong description 2022-07-24 22:09:16 +02:00
Nanne Baars
37163a99a6 Remove unused script 2022-07-24 15:34:43 +02:00
Nanne Baars
126ead2290 Add release notes 2022-07-24 15:34:43 +02:00
Àngel Ollé Blázquez
928bc32f4f Update README.md 2022-07-24 15:34:08 +02:00
René Zubcevic
6b63aaf8b1
Robot framework (#1304) 
* added Robot framework UI tests

* added Robot framework UI tests workflow

* Update test.yml

wait in workflow

* remove obsolete selenium java libs and test

* Update test.yml

push result to commit as comment

* Update test.yml

push comment does not seem to work on WebGoat PR

* clean up unrequired robot options

* update readme
 2022-07-24 12:28:01 +02:00
Àngel Ollé Blázquez
c4f16ceff6 Update README.md 2022-07-23 21:56:39 +02:00
Nanne Baars
4050d1817c Move to JRE image 2022-07-23 09:39:52 +02:00
Nanne Baars
37186e1d90 Explicity add ports to Java command 
This way we don't have to mention it somewhere in the documentation it is all in one command
 2022-07-23 09:39:52 +02:00
Nanne Baars
06b7244de7 Move XXE lesson to category A3: Injection 2022-07-23 09:39:52 +02:00